Cybersecurity-IT Specialist

Job Summary:    The Cybersecurity Specialist engages in project management work related to the security of the Company’s information systems.  This role performs professionally as part of the IT team and is primarily responsible for the identification of security risks and vulnerabilities, the protection of corporate information/data networks (through policy, procedural and technological solutions), the detection of cybersecurity incidents, response to those incidents, and recovery from such incidents. The Cybersecurity Specialist will report on company progress with improvements to security practices, make recommendations on high priority risks, and work with employees on how to maintain and improve their security practices.

Essential Job Duties and Responsibilities

• Stay up to date and knowledgeable on service provider and cybersecurity trends, plus new and recurring risks by reading, analyzing, and interpreting industry related articles (news releases, tech media resource guides/forums/blogs, and software/programming manuals).
  • Develop plan and approach to protect and maintain security of Nemont databases, networks, and information systems.
  • Learn about current attack trends, exploited vulnerabilities, legal actions, and potential risks.
  • Learn about the latest “best practices” to patch or remediate potential security risks.
  • Advise employees of potential risks and coordinate responses to potential problems and/or incidents.
  • Monitor the patching of known vulnerabilities and prioritize patching of imminent threats or risks.
  • Make recommendations of new tools or practices as they relate to cybersecurity.
• Evaluate each potential Cybersecurity incident to determine if they are real threats or events caused by appropriate everyday use of employees.
  • Coordinate and document appropriate response to valid incidents.
• Consider practices, policies, and procedures that affect the security of company networks and data.
• Make recommendations for changes in practice, policy, or procedure to decrease risk of potential cyber threats.
• Implement or aid in the implementation of practices, policies, or procedures to decrease risk and remediate vulnerabilities.
• Oversee company cybersecurity training program through assignment of monthly training, phishing campaigns, and other corporate training as it relates to cyber security.
• Scan, test, and coordinate 3rd party scanning and testing for company cybersecurity weaknesses.
  • Report on found issues and provide recommendations on practices or technological solutions to remediate them.
• Meeting and maintaining compliance with local, state and federal regulations across all areas of this role’s oversight is an expectation and key objective.
• Uphold and demonstrate your commitment to Nemont’s values in everything you do.  Be Innovative-Create the environment where we continually improve and adapt, Be Kind—Our actions make a difference, Be Trustworthy—Do the right thing, take responsibility for our actions, and honor our commitments, and Be United—People are our purpose; unified teams build the strongest networks.
• Performs various other IT related functions and duties as assigned.

Additional Job Duties and Responsibilities

• Perform other duties and responsibilities as required to fulfill job function or as assigned.

Knowledge, Skills, and Abilities

• Information Technology / Cybersecurity Related Knowledge: Comprehensive knowledge of theories, concepts and practices and ability to use in complex, difficult and/or unprecedented situations. The ability to understand physical network topologies and logical network concepts.
• Analytical Skills: An advanced capability and skill with observing and assessing a situation and determining how to respond in a prompt and professional manner. Applies highly proficient and specialized skills that allows employee to function in situations that are varied, complex, and/or non-routine. Must be able to see patterns and trends and draw conclusions from observations across various situations. This includes an ability to learn and apply new skills in ever changing and upwardly increasing complex situations, where specific knowledge or skills to be proficient in cybersecurity requires constant learning and the ability to adapt to unknown circumstances.
• Project Management Skills: At an advanced level, be proficient with organizing the planning process. Develop and direct detailed project schedules including tasks, accountabilities, and deadlines. Anticipate problems that may impede work. Communicates changes and progress. This role requires the ability to schedule, prioritize, and manage technical and interpersonal items to facilitate continuous improvement in the company’s security posture.
• Computer / Technical Skills: At an advanced level, be proficient with word processing and data entry tools and develop spreadsheets and presentations efficiently. Programs at an advanced level, along with conducting system analyses and troubleshooting reported concerns.
• Administrative / General Office Equipment Operation: Efficiently use common office equipment (computer, digital camera, scanner, fax machine, copier, phone). Identify operational problems with common equipment and determine resolution. Repair and upgrade office and/or basic equipment.
• Confidentiality: Maintain company / customer / vendor information and sensitive business matters private when facing a wide range of circumstances. Be knowledgeable of the authorized key contacts for disclosure of and to communicate with regarding restricted information.
• Time Management: Requires the ability to use one's work time effectively and productively,
• Customer and Personal Service: Working knowledge of principles and processes for providing customer and personal services. This includes customer needs assessment, meeting quality standards, and evaluation of customer satisfaction.
• Decision Making: Decisions have significant, broad implications for the management and operations of a division. This position contributes to decisions on the overall strategy and direction of the entire organization.
• Problem Solving: Problems are highly varied, complex, and often non-recurring; require novel and creative approaches to resolution. New concepts and approaches may have to be developed.
• Attention to Detail: Successful performance requires being careful about detail and thorough in completing work tasks.
• Teamwork and Cooperation: Successful performance in this role requires being pleasant with others on the job and displaying a good-natured, cooperative attitude. Develop and maintain relationships to enhance workflow and work quality. Persuade, gain cooperation and acceptance of ideas or collaborate on significant projects. Handle sensitive issues and facilitate collaboration at the highest level.
• Integrity: Successful performance in this role requires being honest and ethical.
• Independence of Action: Results are defined; incumbent sets own goals and determines how to accomplish results with few or no guidelines to follow, although past practices may exist; supervisor/manager provides broad guidance and overall direction.
• English Language: This role requires proficient working knowledge of the structure and content of the English language including the meaning and spelling of words, rules of composition, and grammar.
• Oral Comprehension and Expression: The ability to listen / understand information / ideas presented through spoken words / sentences, paired with the ability to communicate information / ideas in speaking so others will understand.
• Written Comprehension and Expression: The ability to read / understand information / ideas presented through written / typed words and sentences, paired with the ability to communicate information / ideas in writing so others understand. 

Education/Experience

Any combination equivalent to the following education and experience that would provide the required knowledge, skills and abilities would qualify.  A typical way to obtain the knowledge, skills, and abilities would be: 

• Successful completion of a 4-year / Bachelor’s Degree in Cybersecurity, or a similarly related field of study.
  • Or an additional 5 years’ successful work experience in Cybersecurity or IT relevant field, as an equivalent to the degree requirement.
• A minimum of 3-years of work experience performing work on Cybersecurity and IT related functions.
• A valid, state issued, and insurable drivers’ license.

Physical Demands

• Sitting / standing at an office desk for up to 8 hours / day or longer depending on the demands of the job.
• Frequent use of technology, computers, devices, keyboards, etc. (Repetitive hand motion and typing like functions).
• Performs functions that present physical hazards, such as proximity to moving mechanical parts, moving vehicles, electrical current, working on scaffolding / ladders and high places, or exposure to chemicals in work setting.
• Hearing, listening, talking, standing, walking, bending, stooping, reaching, kneeling, squatting, balancing, pushing/pulling, and climbing stairs are all expectations of this role, although some of these functions may be more seldom performed than others.
• Must follow all company safety policies / procedures and always use appropriate personal protective equipment (PPE).
• Must be able to lift 30 pounds at times. 
• Must be able to access and navigate each department at the organization’s facilities.

Working Schedule and Conditions

• Monday through Friday, flexible and variable work schedule.
• Normal office environment with little exposure to excessive noise, dust, temperature and the like.
• Moderate to extended viewing of CRT screen.
• Drive to various locations on a regular basis.

Additional Information

This job description is not intended to be all-inclusive. The successful candidate will also perform other reasonably related business duties as assigned.  Nemont reserves the right to revise or change job duties and responsibilities as the need arises.  This job description does not constitute a written or implied contract of employment.